[morgant]

Hmmm, not a bad idea.

[morgant]

As far as the username/groupname goes, be aware that Mac OS X usually puts a user in a group of the same name, hence the problem you ran into.

If the laptop is running Mac OS X 10.4 (Tiger), check out emlx to mbox Converter. It’ll allow you to convert the emlx files stored in the /Users/username/Library/Mail/IMAP-emailaddress to standard mbox files which you can then import back into Mail.app (and do an ‘ol drag-and-drop) back to the IMAP account.

Backup first, of course

Any other good ways of doing this? Import the mbox files directly?

[morgant]

In case someone searches the forums for this:

Changed the server’s Mail service Security settings to USE SSL (instead of REQUIRE SSL) for IMAP (it was already set to USE SSL for SMTP).

Ran /etc/squirrelmail/config/conf.pl to change the IMAP settings to not use Secure IMAP (TLS) and made sure it was connecting to localhost:143.

Then verified that non-SSL IMAP and POP connections from the outside do not work after modifying the FireWall settings.

Worked like a charm. Very quick fix.

[morgant]

[QUOTE BY= MacTroll] SQM isn’t able to do SSL because php hasn’t been compiled with imaps extensions, IIRC.

However, what I typically do in this situation is to open up both 143 and 993, so imap and imaps, but use the firewall to only allow imap connections from 127.0.0.1[/QUOTE]

Thanks for the suggestion. I actually realized that would be the best solution over lunch the same day (just after my last post). I just had to get my brain to look at it from another point of view.

I haven’t had the chance to make the changes yet, but I’ll try to remember to post the results.

[morgant]

Basically, I switched to CRAM-MD5 authentication and SSL encryption for IMAP & SMTP because we have many employees who have PowerBooks for workstations and are using them internally on Ethernet or WiFi and often from home or on the road. Previously those employees had to remember to use their home ISP’s SMTP server or a .Mac (or similar) account to send from the road.

This was far from ideal and not really great for business communication, so when I set up our new mail server I went for stronger authentication and encryption all around.

This setup has been working fine for us, but a few part-time employees have joined our team and share the same handful of computers which only have a single user account running retail software. There’s been a push from management to set them up with webmail so they can do their e-mail during slow periods.

I was just going to configure SquirrelMail on the mail server as a short term fix and was hoping to do so without compromising security by opening up less secure means of communication. It sounds like this is not possible, correct?

I know it’s pointless to encrypt the traffic which never leaves the box, but I’m happier doing that for a couple of people than opening up the potential for an employee to copy their mail settings to a new machine, accidentally set it up insecurely, and have private company e-mail going out over the Internet.

[morgant]

I’ve run the same setup and have run into the same problem.

IMAP requiring SSL and requiring CRAM-MD5 for authentication.
SMTP use SSL and requiring CRAM-MD5 for authentication (except for relaying accepted from hosts within my internal IP range).

I’ve configured SquirrelMail’s IMAP setting to use CRAM-MD5 and have changed the port number to 993. I’ve tried combinations of using ‘cyrus’ and ‘macosx’ as the server type, as well as TLS on and off. (All this done via config.pl, of course.)

I always get the following error:
[QUOTE] Bad request: IMAP server does not appear to support the authentication method selected. Please contact your system administrator.[/QUOTE]

What am I missing? I’m surprised no one had a response for the previous poster.

[Author]

Posts